Py-swagger-ui

**Interface changes:** `validatorUrl: null` configuration works again. Pardon the interruption!

- Improvement: raised minimum `react` and `react-dom` versions to `15.6.2`, ensuring that we always use an MIT-licensed version (via 3805)
- Improvement: added `pattern` validator to `validateParameter` (via 3798)
- Improvement: modified `validateParameter`'s logic so that its output is more helpful (via 3839
- Improvement: switched to a new XML beautifier that fixes a large XML response rendering bottleneck (via 3862)
- Improvement: added CSS property to Execute button animation that should lighten the animation's CPU impact (via 3807)
- Improvement: exposed configuration value management to Redux state (via 3813)
- Improvement: refactored SCSS color values into variables (via 3769)
- Improvement: refactored Primitive and Array Model property display into a new Property component, which will be useful for extending model display (via 3861)
- Improvement: added `hasHost` spec selector for OAS 3.0 (via 3815)
- Bugfix: corrected a sanitizer issue that caused `validatorUrl: null` configurations to break (via 3852)
- Bugfix: removed extraneous `in` field for OAS 3.0 Bearer authorizations (via 3844)
- Housekeeping: updated version checking documentation for clarity (via 3854)
- Housekeeping: started caching `node_modules` for CI builds (via 3845)

[Version Diff](https://github.com/swagger-api/swagger-ui/compare/v3.4.2...v3.4.3)

**Interface changes**: none.

⚠️ **This UI release includes a security fix**. If you use Swagger-UI to load untrusted API definitions, we recommend upgrading to this version.

- Bugfix: filter out malicious schemes in user-supplied `href`s (via 3848)

**Interface changes**: none.

- Bugfix: Authorize button is no longer displayed within an OAS 3.0 definition if no security schemes are defined (via 3831)
- Bugfix: interceptors are now being handed off to resolver calls correctly, allowing $ref fetches to be intercepted by UI's interceptor options (via 3830)
- Bugfix: Docker image now references `SWAGGER_JSON` location with a relative reference (via 3810)
- Bugfix: parameter enums now set the first possible value by default when trying out an OAS 3.0 operation (via 3833)
- Bugfix: authorizable definitions are now updated correctly when a different definition is loaded (via 3834)
- Housekeeping: linter no longer allows exclusive tests (`describe.only`, `it.only`) which could have resulted in merging bad code (via 3799)
- Housekeeping: added a Pull Request template (via 3829)

[Version Diff](https://github.com/swagger-api/swagger-ui/compare/v3.4.0...v3.4.1)

**Interface changes**: none.

- Feature: many OpenAPI 3.0 authentication schemes are now supported (via 3780)
- Improvement: display on mobile is now bearable (via 3746)
- Bugfix: Markdown links are no longer stripped of their `href`s (via 3768)
- Bugfix: response text is no longer the same color as its background (via 3790)
- Bugfix: OpenAPI 3.0 array parameter inputs are now displayed correctly (via 3796)
- Bugfix: `requestInterceptor` and `responseInterceptor` options now intercept definition and $ref download requests (via https://github.com/swagger-api/swagger-js/pull/1161)
- Housekeeping: source maps are MOAR helpful (via 3793)

**Known issue**: OAuth2 security schemes with multiple flows display their state jointly - authorizing one _appears_ to authorize them all. This should not affect your ability to use the flows to authorize requests.

[Version Diff](https://github.com/swagger-api/swagger-ui/compare/v3.3.2...v3.4.0)

**Interface changes**: none.

- Improvement: `requestInterceptor` and `responseInterceptor` now intercept API definition fetches, and provide a `req.loadSpec` flag for isolating those requests (via 3738)
- Improvement: empty Try-It-Out responses no longer render as `Unknown response type` (via 3736)
- Bugfix: rendered Markdown no longer has a margin around it, allowing better alignment of the Responses table (via 3646)
- Bugfix: improved OpenAPI 3.0 parameter value validation (via 3751)
- Bugfix: Authorization locks now display correctly, fixing a regression first present in `v3.3.0`, released two weeks ago (via 3755)

[Version Diff](https://github.com/swagger-api/swagger-ui/compare/v3.3.1...v3.3.2)

This hotfix release patches an issue with OpenAPI 3.0 `requestBody` rendering (see 3718).